package net.bluemind.core.password.bruteforce;

import com.github.benmanes.caffeine.cache.Cache;
import com.github.benmanes.caffeine.cache.Caffeine;
import java.util.Optional;
import java.util.concurrent.TimeUnit;
import java.util.concurrent.atomic.AtomicInteger;
import net.bluemind.authentication.provider.IAuthProvider;
import net.bluemind.authentication.provider.ILoginValidationListener;
import net.bluemind.core.api.fault.ServerFault;
import net.bluemind.core.caches.registry.CacheRegistry;
import net.bluemind.core.caches.registry.ICacheRegistration;
import net.bluemind.domain.api.Domain;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:net/bluemind/core/password/bruteforce/Fail2Ban.class */
public class Fail2Ban implements ILoginValidationListener, IAuthProvider {
    private static final Logger logger = LoggerFactory.getLogger(Fail2Ban.class);
    private static final Cache<String, AtomicInteger> trials = Caffeine.newBuilder().recordStats().expireAfterAccess(20, TimeUnit.SECONDS).build();

    /* loaded from: input_file:net/bluemind/core/password/bruteforce/Fail2Ban$CacheRegistration.class */
    public static class CacheRegistration implements ICacheRegistration {
        public void registerCaches(CacheRegistry cacheRegistry) {
            cacheRegistry.register(Fail2Ban.class, Fail2Ban.trials);
        }
    }

    public void onValidLogin(IAuthProvider iAuthProvider, boolean z, String str, String str2, String str3) {
        trials.invalidate(String.valueOf(str) + "@" + str2);
    }

    public void onFailedLogin(IAuthProvider iAuthProvider, boolean z, String str, String str2, String str3) {
        Optional.ofNullable((AtomicInteger) trials.getIfPresent(String.valueOf(str) + "@" + str2)).ifPresent((v0) -> {
            v0.incrementAndGet();
        });
    }

    public IAuthProvider.AuthResult check(IAuthProvider.IAuthContext iAuthContext) throws ServerFault {
        String str = String.valueOf(iAuthContext.getRealUserLogin()) + "@" + ((Domain) iAuthContext.getDomain().value).name;
        AtomicInteger atomicInteger = (AtomicInteger) trials.getIfPresent(str);
        if (atomicInteger == null) {
            logger.debug("First attempt for {}", str);
            trials.put(str, new AtomicInteger(1));
            return IAuthProvider.AuthResult.UNKNOWN;
        }
        int i = atomicInteger.get();
        if (i > 3) {
            logger.warn("Too many ({}) attempts for {}/{}. Wait 20sec to retry", new Object[]{Integer.valueOf(i), str, iAuthContext.getSecurityContext().getRemoteAddresses()});
            return IAuthProvider.AuthResult.NO;
        }
        logger.info("** Attempt {} for {}", Integer.valueOf(i), str);
        return IAuthProvider.AuthResult.UNKNOWN;
    }

    public int priority() {
        return Integer.MAX_VALUE;
    }
}
